Description:
A vulnerability was reported in the Windows DNS service RPC interface. A remote user can execute arbitrary code on the target system.

A remote user can send a specially crafted RPC packet to the RPC interface of the DNS server to trigger a stack overflow and execute arbitrary code on the target system. The code will run with the privileges of the target DNS service, which runs with Local System privileges by default.

A remote authenticated user can also exploit this vulnerability via TCP/UDP ports 139 and 445.